PRIVACY POLICY

The following information provides details on collecting personal data when using our website and when you contact us. Personal data refers to any data that can be directly or indirectly attributed to you personally, such as name, address, email address, and user behavior.

Responsible party (“controller”)

N4 Management und Services GmbH – Kaiserstraße 95-101a, 66133 Saarbrücken, Germany, Email: info@n4.de, Phone.: +49 681 63 89 7 – 0 – is responsible for complying with the information obligations according to Art. 13 and 14 of the GDPR, as well as other data subject rights and the handling of any data protection breaches.

For the websites of N4, there is joint responsibility, according to Art. 26 (1) of the GDPR among the following companies within the group:

1. N4 Management und Services GmbH, represented by Managing Director Mesut Cengiz,

2. netRapid GmbH & Co. KG, represented by netRapid Geschäftsführungs GmbH, for its part represented by Managing Director Mesut Cengiz,

3. n-Systems GmbH & Co. KG, represented by n-Systems Geschäftsführungs GmbH, for its part represented by Managing Director Mesut Cengiz,

4. NEXNOVA Business Solutions GmbH & Co. KG, represented by NEXNOVA Geschäftsführungs GmbH, for its part represented by Managing Director Mesut Cengiz,

5. NEXNOVA Software Solutions GmbH & Co. KG, represented by NEXNOVA Geschäftsführungs GmbH, for its part represented by Managing Director Mesut Cengiz

Joint address:

Kaiserstraße 95-101a
66133 Saarbrücken
Germany
Email: info@n4.de

6. N4 Leipzig GmbH, represented by Managing Directors Mesut Cengiz and Kevin Dewi

Pfaffendorfer Straße 18
04105 Leipzig
Germany
Email: info@n4.de

Data Protection Officer

You can reach out to our data protection officer by mail at the address Kaiserstraße 95-101a, 66133 Saarbrücken with the addition – Data Protection Officer – or by email at datenschutz@n4.de.

Processing activities

Accessing web pages

When you simply visit our websites without actively providing further information, so-called server log files are automatically recorded, such as your IP address, the web browser and operating system you use, the domain names of your internet service provider, and other details.

This ensures a smooth connection setup, usability, and the stability and security of the websites. It is based on Article 6(1)(f) of the GDPR, which allows us to process personal data when necessary for our legitimate interests in improving the stability and functionality of our websites.

Technical service providers responsible for the operation and maintenance of our websites may be recipients of this data, acting as processors on our behalf following Article 28 of the GDPR.

The data is generally deleted at the end of each session, as it is typically no longer necessary for the purposes mentioned above.

External hosting

Our websites are hosted by the external service provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Deutschland (provider). The personal data collected while using our websites is stored on the provider’s servers. This may include, in particular, IP addresses, contact inquiries, meta and communication data, contract data, contact details, names, website access, and other data generated through the website. The use of the provider is to fulfill the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of ensuring a secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). Our provider will process your data only to the extent necessary to fulfill its contractual obligations and will follow our instructions regarding this data. We have entered into a data processing agreement with our provider to ensure the processing complies with data protection regulations.

Consent management tool

We use CCM19 from the provider Papoo Software & Media GmbH Auguststr. 4 53229 Bonn. This tool processes the date and time of the visit, browser information, information on consent, device information and the IP address of the requesting device. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). Obtaining and managing legally required consents is to be regarded as a legitimate interest within the meaning of the aforementioned provision. Consents and revocations are stored for a period of one week.

Collection of data through forms

On our websites, you will find forms for individual communication (e. g., for contacting us or requesting a callback). If you use these forms, the data entered in the input fields will be transmitted to us and stored. This data typically includes names, addresses, email addresses, telephone numbers, and possibly additional information provided by you.

The legal basis for processing data transmitted to us via contact forms is generally Article 6(1)(f) of the GDPR, as the purpose pursued and our legitimate interest lies in facilitating easy contact and processing your inquiry.

If the approach aims to enter into a contract, the legal basis for processing is Article 6(1)(b) of the GDPR (pre-contractual measure).

The recipients of your data may include service providers that are privacy-compliant and integrated by us. On the one hand, these service providers maintain our websites; on the other hand, they may receive your data if necessary to fulfill their respective services.

The data will be deleted no later than six months after the matter related to the inquiry has been finally clarified. If a contractual relationship is established, the statutory retention periods apply, according to which your data will be deleted after six or ten years.

Inquiry via email or telephone

If you contact us via email or telephone, your inquiry, including any resulting personal data (name, inquiry), will be stored and processed by us to handle your request. We do not disclose this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR if your inquiry is related to the performance of a contract or is necessary for implementing pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries directed to us (Article 6(1)(f) of the GDPR).

The data you send us will remain with us until you request its deletion or the purpose for data storage ceases to exist (e. g., after the completion of your request). Mandatory legal provisions, especially statutory retention periods, remain unaffected.

Video conferences

For communication with our customers, we use various online conference tools. When you communicate with us via video conference, we and the conference tool provider collect and process your data.

The conference tools collect all data you provide/use to access the tools (email address and/or telephone number). Furthermore, the conference tools process the duration of the conference, start and end times (timestamps) of participation, number of participants, and other contextual information related to the communication process (metadata).

Additionally, the tool provider processes all technical data necessary for handling online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise shared within the tool, it is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during service use.

Please note that we do not have full control over the data processing operations of the tools used. Our options are primarily based on the respective provider’s company policy. For further information on data processing by the conference tools, please refer to the privacy policies of the respective tools listed below.

Conference tools are used to communicate with potential or existing contractual partners or to provide certain services to our customers (Article 6(1)(b) of the GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Article 6(1)(f) of the GDPR). If consent has been obtained, the respective tools are based on this consent, which can be revoked at any time with future effect.

The data directly collected by us through the conference tool will be deleted from our systems as soon as you request deletion, revoke your consent for storage, or when the purpose for data storage no longer exists. Stored cookies will remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We do not have any influence on the storage period of your data stored by the operators of the conference tools for their purposes. For details, please directly consult the operators of the conference tools.

As a conference tool, we prefer to use Google Meet. Details on data processing can be found here: https://support.google.com/meet/answer/9852160?hl=de&ref_topic=10632347&sjid=5202277315647706539-EU&authuser=0

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Registration for our email newsletter

When you sign up for our email newsletter, we regularly send you information about our offers. The mandatory information for sending the newsletter is only your email address. Providing additional data is voluntary and is used to address you personally.

We use Brevo, part of the service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, to dispatch newsletters, with whom we have concluded an agreement for order processing. This enables us to organize the delivery of newsletters and analyze newsletter campaigns. During the analysis, we can, for example, see if a newsletter message has been opened and which links have been clicked. Additionally, we can determine if certain predefined actions (conversion rate) have been taken after opening/clicking the newsletter. For example, we can determine if you made a purchase or similar after clicking the newsletter.

The service provider also allows us to segment the newsletter recipients into categories (“clusters”). For example, newsletter recipients can be divided based on age, gender, or location. This allows us to better tailor the newsletters to the respective target groups.

The data processing is based on your consent (Article 6(1)(a) of the GDPR). You can revoke this consent anytime by unsubscribing from the newsletter directly on the website or using the link provided in each newsletter message.

The legality of the data processing carried out before the revocation remains unaffected.

The data you provide to receive the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from the distribution list after unsubscribing. Data stored for other purposes remains unaffected.

After unsubscribing from the distribution list, your email address will be stored in a blacklist to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with legal requirements for newsletter dispatch (legitimate interest within the meaning of Article 6(1)(f) of the GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interests.

Distribution of the email newsletter to existing customers

If you have provided us with your email address when purchasing goods or services, we reserve the right (unless you initially objected) to regularly send you offers for similar goods or services from our range by email, particularly in the form of a newsletter. According to § 7(3) of the German Unfair Competition Act (UWG), we are not required to obtain separate consent from you. The data processing is based on our legitimate interest in personalized direct advertising following Article 6(1)(f) of the GDPR. However, you can object to the corresponding use of your email address at any time, with effect for the future, by sending a brief notification to us. Upon receipt of your objection, using your email address for advertising will be discontinued immediately.

Registration and participation in events and webinars

To participate in our webinars and other events, you need to register. For this purpose, we require your data: first and last name, email address.

We need this data to send you access information and to identify you. We process this data based on Article 6(1)(b) of the GDPR to fulfill our contractual obligation. We will also use your email address to send you materials related to the attended webinar.

During the webinar registration, you can consent to receive advertising based on Article 6(1)(a) of the GDPR. If you consent, we will use your email address, first name, and last name to send you advertising materials.

For webinars, we use the product GoToWebinar from the service provider LogMeIn Inc., 333 Summer Street, Boston, MA 02210 USA (im Weiteren: LogMeIn). We have concluded a data processing agreement with LogMeIn, in which LogMeIn assures compliance with applicable data protection regulations.

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Your data will be automatically deleted after the webinar ends. If you have consented to receive advertising, we will store your email address, first name, and last name until you withdraw your consent.

Security

For security reasons and to protect the transmission of confidential content that you send to us as the website operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by changing the browser’s address bar from “http://” to “https://” and the presence of a lock symbol in your browser’s address bar. When SSL or TLS encryption is activated, third parties cannot read the data you transmit to us. However, we would like to point out that Internet data transmission (especially via email) may have security vulnerabilities.

Cookies

We use cookies when you visit our websites. These are small text files that are stored on your device. Cookies cannot execute programs or transmit viruses to your device.

Certain cookies, known as transient cookies, are automatically deleted when you log out or close the browser. Others, known as persistent cookies, are automatically deleted after a specified duration, which may vary depending on the cookie.

Technically necessary cookies

Certain cookies are necessary to make websites more user-friendly, effective, and easier to use. For example, some features of web pages require your browser to be identified even after a page change. It is also necessary to store the settings you have chosen regarding using technically unnecessary cookies.

The processing of cookies in this regard is carried out following Art. 6(1)(f) of the GDPR based on our legitimate interest in a user-friendly design of our website.

If necessary, such data may be disclosed to technical service providers who act as processors following Art. 28 of the GDPR for the operation and maintenance of our websites.

The storage duration is usually no longer than one year, counted from the last visit to the respective website.

Technically unnecessary cookies

Cookies are also used to better tailor our offering to your interests or to improve it based on statistical evaluations. The legal basis for these processing activities is your consent, according to Art. 6(1)(a) of the GDPR.

Here we use the following technologies:

ETRACKER

Der Anbieter dieser Website nutzt Dienste der etracker GmbH aus Hamburg, Deutschland (www.etracker.com) zur Analyse von Nutzungsdaten. Wir verwenden standardmäßig keine Cookies für die Web-Analyse. Soweit wir Analyse- und Optimierungs-Cookies einsetzen, holen wir Ihre explizite Einwilligung gesondert im Vorfeld ein. Ist das der Fall und Sie stimmen zu, werden Cookies eingesetzt, die eine statistische Reichweiten-Analyse dieser Website, eine Erfolgsmessung unserer Online-Marketing-Maßnahmen sowie Testverfahren ermöglichen, um z.B. unterschiedliche Versionen unseres Online-Angebotes oder seiner Bestandteile zu testen und zu optimieren. Cookies sind kleine Textdateien, die vom Internet Browser auf dem Endgerät des Nutzers gespeichert werden. etracker Cookies enthalten keine Informationen, die eine Identifikation eines Nutzers ermöglichen.

Die mit etracker erzeugten Daten werden im Auftrag des Anbieters dieser Website von etracker ausschließlich in Deutschland verarbeitet und gespeichert und unterliegen damit den strengen deutschen und europäischen Datenschutzgesetzen und -standards. etracker wurde diesbezüglich unabhängig geprüft, zertifiziert und mit dem Datenschutz-Gütesiegel ePrivacyseal ausgezeichnet.

Die Datenverarbeitung erfolgt auf Basis der gesetzlichen Bestimmungen des Art. 6 Abs. 1 lit. f (berechtigtes Interesse) der Datenschutzgrundverordnung (DSGVO). Unser Anliegen im Sinne der DSGVO (berechtigtes Interesse) ist die Optimierung unseres Online-Angebotes und unseres Webauftritts. Da uns die Privatsphäre unserer Besucher wichtig ist, werden die Daten, die möglicherweise einen Bezug zu einer einzelnen Person zulassen, wie die IP-Adresse, Anmelde- oder Gerätekennungen, frühestmöglich anonymisiert oder pseudonymisiert. Eine andere Verwendung, Zusammenführung mit anderen Daten oder eine Weitergabe an Dritte erfolgt nicht.

Sie können der vorbeschriebenen Datenverarbeitung jederzeit durch Klick auf den Schieberegler widersprechen. Der Widerspruch hat keine nachteiligen Folgen. Wird kein Schieberegler angezeigt, ist die Datenerfassung bereits durch andere Blockier-Maßnahmen unterbunden.

.

Weitere Informationen zum Datenschutz bei etracker finden Sie hier.

Google Tag Manager

We use Google Tag Manager, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies into our website. The Google Tag Manager does not create user profiles, store cookies, or perform independent analyses. It is only used for managing and deploying the tools integrated through it. However, the Google Tag Manager collects your IP address, which can be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

Google Analytics

This website uses the web analytics service Google Analytics features, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics allows us to analyze the behavior of website visitors. We receive various usage data, such as page views, duration of visit, operating systems used, and the user’s origin. This data is aggregated into a user ID and associated with the respective user’s device.

Furthermore, we can record mouse movements, scroll actions, and clicks with Google Analytics. Google Analytics also uses various modeling approaches to supplement the collected data and employs machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of users to analyze user behavior (e. g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to and stored on a server in the United States.

The use of this analysis tool is based on Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

The data transfer to the United States is based on the European Commission’s standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information on how Google Analytics handles user data, please refer to Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

We have entered into a data processing agreement with Google.

MICROSOFT CLARITY

We use the Microsoft Clarity tool on our websites. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Clarity is a tool for analyzing user behavior on this website. In particular, Clarity records mouse movements and creates a graphical representation of which part of the website users scroll to most frequently (heat maps). Clarity can also record sessions so that we can view page usage in the form of videos. We also receive information about general user behavior within our website. Clarity uses technology that enables the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting). Your personal data may also be stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA. The legal basis for the use of Clarity and the potential transfer to third countries is your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. Further details on Clarity’s data protection can be found here: https://docs.microsoft.com/en-us/clarity/faq Opt Out: https://choice.microsoft.com/de-DE/opt-out .

Google Ads

The website operator uses Google Ads, an online advertising program provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available at Google (e. g., location data and interests) (audience targeting). As a website operator, we can quantitatively analyze this data by, for example, analyzing which search terms led to the display of our advertisements and how many clicks were generated.

The use of Google Ads is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

The data transfer to the United States is based on the European Commission’s standard contractual clauses. Details can be found here: https://policies.google.com/privacy/frameworks?hl=en and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Remarketing

This website uses the features of Google Analytics Remarketing, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes user behavior on our website (e. g., clicks on specific products) to categorize you into specific advertising target groups. Subsequently, when you visit other online offerings, Google Remarketing can display tailored advertising messages to you (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked to Google’s cross-device capabilities. This allows interest-based, personalized advertising messages adapted to your previous usage and browsing behavior on one device (e. g., mobile phone) to be displayed on another of your devices (e. g., tablet or PC).

If you have a Google account, you can opt out of personalized advertising by following this link: https://www.google.com/settings/ads/onweb/.

The use of Google Remarketing is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting); the consent can be revoked at any time.

For more information and Google’s privacy policy, please visit https://policies.google.com/technologies/ads?hl=en.

Google Conversion Tracking

This website uses Google Conversion Tracking, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can determine whether users have performed certain actions. For example, we can evaluate which buttons on our website are clicked most frequently and which products are viewed or purchased most frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and which actions they took. We do not receive any information that personally identifies users. Google uses cookies or similar recognition technologies for identification purposes.

The use of Google Conversion Tracking is based on your consent following Art. 6(1)(a) of the GDPR; the consent can be revoked at any time.

For more information about Google Conversion Tracking, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=en.

Google reCaptcha

On our website, we use Google reCAPTCHA, provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of this is to verify whether data input, such as in a contact form, is being done by a human or an automated program. To achieve this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically when the website visitor enters the website. reCAPTCHA evaluates various pieces of information for analysis (such as IP address, duration of the website visit, or mouse movements made by the user). The data collected during this analysis is transmitted to Google.

Data processing is based on our legitimate interest in protecting our website from abusive automated spying and spam (Art. 6 para. 1 lit. f GDPR).

For further information about Google reCAPTCHA and Google’s privacy policy, please refer to the following links: https://www.google.com/intl/en/policies/privacy/.

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Google Fonts

Our websites use web fonts provided by Google to ensure consistent font presentation. When a page is loaded, your browser downloads the necessary web fonts to its browser cache to display text and fonts correctly. To prevent the transmission of personal data to Google servers in the United States, we have locally integrated Google Fonts.

HUBSPOT

We use the HubSpot service for various purposes. HubSpot is a software company from the USA with a branch in Ireland (HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland). Hubspot covers various aspects of our online marketing, such as email marketing, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms. If you submit a contact form, we can also use HubSpot to link a user’s visits with personal details (in particular name and email address) on the basis of consent given, thus recording them on a personal basis and informing users individually and in a targeted manner about preferred topics. The legal basis for processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future. The personal data will be stored for as long as it is necessary to fulfill the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose. If personal data is transferred to the USA or to servers of the US company in connection with processing via HubSpot, we base this on the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF) as the legal basis and on so-called standard contractual clauses agreed with Hubspot. Further information on the processing of personal data by Hubspot can be found at https://legal.hubspot.com/de/privacy-policy and https://legal.hubspot.com/dpa.

Social media elements

On this website, elements of social media are used. You can usually recognize them by their respective logos. We only use these elements to ensure data privacy in conjunction with the so-called “Shariff” solution This application prevents the integrated social media elements from transferring your data to the respective provider’s server upon the first visit to the page. Only when you activate the respective social media element by clicking the associated button is a direct connection to the provider’s server established (consent). Once you activate the social media element, the provider receives information that you have visited our website with your IP address. If you are simultaneously logged into your social media account (e. g., Facebook), the respective provider can associate the visit to this website with your user account.

Activating the plugin represents consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG. You can revoke this consent at any time with future effect.

The use of this service is intended to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6(1)(c) of the GDPR.

For information on how your data is handled when using these services, please refer to the respective privacy notices:

Facebook: https://de-de.facebook.com/policy.php

Google and YouTube:https://policies.google.com/privacy?hl=en

Xing:https://privacy.xing.com/en

LinkedIn:https://www.linkedin.com/legal/privacy-policy

Instagram:https://help.instagram.com/519522125107875

Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those mentioned above. We will – in summary – only pass on your personal data to third parties if you have given your consent to do so in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO have given your consent, this according to Art. 6 para. 1 p. 1 lit. b DSGVO is necessary for the processing of contractual relationships with you, this is necessary to protect our legitimate interests according to Art. 6 para. 1 p. 1 lit. f DSGVO (e.g. for the assertion, exercise or defense of legal claims or in the context of advertising measures) and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data or if a legal obligation pursuant to Art. 6 para. 1 p. 1 lit. c DSGVO exists for disclosure.

Rights of the data subject

About the personal data concerning you, you have the following rights, which you can generally assert in any form (e. g., by emailing us at datenschutz@n4.de or by sending a letter to our postal address, preferably with the subject line “Rights of the data subject”).

Right to information, correction, deletion, restriction, and data portability

Every data subject has the right to information according to Art. 15 of the GDPR, the right to correction according to Art. 16 of the GDPR, the right to deletion according to Art. 17 of the GDPR, the right to restriction of processing according to Art. 18 of the GDPR, and the right to data portability according to Art. 20 of the GDPR.

According to §§ 34 and 35 of the BDSG, restrictions apply to the right to information and deletion.

Right to object according to Art. 21 of the GDPR

If we base the processing of your data on a balancing of interests, you have the right to object to the processing. Our legitimate interests usually consist of responding to inquiries, conducting direct marketing activities, providing services and/or information intended for you, processing and transmitting personal data for internal or administrative purposes, operating and managing our websites, providing technical support, preventing and detecting fraud and criminal offenses, and ensuring network and data security.

When exercising an objection, please explain the interests you believe outweigh ours. In the event of a justified objection, we will either cease or adjust the data processing or provide compelling legitimate grounds for continuing the processing.

If you object to processing our (interest-based) direct advertising, no further explanation of reasons is required from you; further processing will cease without delay.

Revocation of consent

You can revoke your consent to processing personal data at any time. This also applies to the revocation of consent declarations given to us before the General Data Protection Regulation came into effect, i.e., before May 25, 2018. Please note that the revocation only takes effect in the future. Processing that occurred before the revocation is not affected by this.

Right of appeal

Finally, you have the right to complain with a data protection supervisory authority regarding the processing of your data by us. The responsible supervisory authority for us is the Independent Data Protection Center Saarland, Fritz-Dobisch-Straße 12, 66111 Saarbrücken.

Data security

Following Article 32 of the GDPR, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, implementation costs, the nature, scope, context, and purposes of processing, as well as the likelihood and severity of the risk to the rights and freedoms of natural persons.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data and the access, input, disclosure, availability, and separation of the data. Furthermore, we have established procedures to ensure the exercise of data subject rights, deletion of data, and response to data breaches. We also consider protecting personal data in developing or selecting hardware, software, and procedures following the principle of data protection by design and by default (Article 25 of the GDPR).

We would like to caution that data transmission over the Internet, especially when communicating via email, may have security vulnerabilities.

Social media

To present our company and facilitate direct communication with you, we utilize social media platforms provided by providers such as LinkedIn, Instagram, and others (in the following referred to as “providers”). Through these platforms, we maintain our presence, including company and employee profiles, and process your data.

Shared responsibilities

Suppose data is collected on our website that is processed and used by both the provider and us (e. g., for analysis or advertising purposes). In that case, there is a shared responsibility between the operator and us. Often, this feature cannot be deactivated by us. Therefore, you can contact the respective provider and us with your concerns. We are currently using the following providers:

LinkedIn (including the LinkedIn Sales Navigator) form LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Facebook (including the Facebook Business Manager) form Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
Instagram from Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
YouTube and Google My Business from Google Ireland Ltd., Gordon House, Barrow Street,Dublin 4, Ireland;
Xing from New Work SE, Dammtor Street 30, 20354 Hamburg.

Nachfolgend finden Sie die Links zu den Datenschutzerklärungen und -informationen der jeweiligen Anbieter:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
Facebook: https://de-de.facebook.com/policy.php
Instagram: https://de-de.facebook.com/help/instagram/155833707900388
Google: https://policies.google.com/privacy?hl=en
Xing: https://privacy.xing.com/en/privacy-policy

Below you will find the links to the privacy policies and information of the respective providers:

LinkedIn: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
Facebook: https://www.facebook.com/help/contact/540977946302970
Instagram: https://www.facebook.com/help/contact/540977946302970
Google: https://support.google.com/policies/contact/general_privacy_form
Xing: datenschutzbeauftragter@xing.com

1. Informative use of our website

You can visit our website without providing any personal information. Suppose you only use our website for informational purposes and do not register or provide us with information about yourself. In that case, we do not process any personal data except for the data collected by the operator through cookies and transmitted to us.

To analyze and track the use of their social media platform and our website, the provider uses cookies that evaluate your browsing behavior. This enables us to improve the quality of the platform, website, and content. We gain insights into how the platform and website are used, allowing us to continuously optimize our offer.

However, we have no control over the data collected and the data processing operations, nor do we have information about the full extent of data collection, the specific purposes of the processing, or the retention periods. We also have no information about deleting data collected by the platform operator.

Web analytics involves collecting, gathering, and evaluation of data about the behavior of visitors to websites. A web analytics service captures, among other things, data about the referring website from which an individual accessed a website (referrer), which subpages were accessed, and how often and for what duration a subpage was viewed. Web analytics is regularly used to optimize a website and analyze the cost-effectiveness of internet advertising. The information obtained through the analysis and tracking of our website may be combined with other data collected while using the website and platform. If you register on the platform, the operator may link data regarding your platform activities with your personal information (including name/email address) based on your consent, thereby capturing personal data and informing you individually and specifically about your preferred topics, among other things.

We have limited control over the statistics provided by the platform operator and cannot disable them. However, we ensure that no additional optional statistics are provided to us.

We process your data based on your consent, according to Art. 6(1)(a) of the GDPR you provided to the provider when registering for the respective social media platform.

2. Active use of the website

In addition to using our website for informational purposes, you can also actively engage with us by contacting us. In addition to processing your personal data, as described above for purely informational use, we also process additional personal data from you when you actively use our website, for example, when we need it to process your inquiries. This also applies if we use the website ourselves, such as for proactive communication or initiating business contacts with you.

a) Sharing and publishing of an interaction with posts, reviews, photos, etc.
You can comment on, share, or otherwise interact (like, recommend, review, etc.) with posts, photos, videos, etc., created by us on the provider’s platform and our website. If it is a function of the platform operated by the provider, we may share your content on our website and communicate with you through the platform. The operator may publish public messages, but we will never use or process them for other purposes.

Regarding reviews, we reserve the right to publish a statement (e. g., to clarify an issue, offer complaisance actions, etc.) in response to your feedback and to request further contact. This may involve processing personal data voluntarily published by you in the review. Furthermore, we reserve the right to delete content if necessary.

We process your data to safeguard our legitimate interests, according to Art. 6(1)(f) of the GDPR. The data processing is carried out in our public relations and communication interest

b) User inquiries
To process your inquiries, for example, through contact forms, chat, or our email address, and to provide targeted responses and the requested information, we process the personal data you provide in this context. This includes your contact details to send you a response or ask necessary follow-up questions and any other information you transmit to us in this regard.

If you submit an inquiry to us through the platform, depending on the required response, we may refer you to other secure communication channels that guarantee confidentiality. You always have the option to send confidential inquiries to the address stated in the imprint or this privacy policy. Our contact may be made electronically, by telephone, or by postal mail, depending on the subject of the inquiry and appropriateness.

We process your data to respond to user inquiries, request materials, etc., based on the following legal grounds:

to safeguard our legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f GDPR; our legitimate interest lies in the proper response to and execution of customer inquiries;
If the inquiry aims at entering into a contract, an additional legal basis is Art. 6(1)(b) of the GDPR.
With your consent within the scope of using the live chat, Art. 6(1)(a) of the GDPR.

c) Active use of social media
We actively utilize our presence on business-oriented platforms such as LinkedIn and associated tools like LinkedIn Sales Navigator to engage, communicate, establish business contacts, and receive your job applications.

For this purpose, we process the data provided to us by the respective platform. This may include your name, employer, position at your company, education, and other contacts on the platform. Depending on the nature of our interaction with you, we may process additional data, such as specific business relationships or the content of our communication. Furthermore, there is a possibility that we will transfer your data to our CRM system and combine or link it with existing data about you in that system.

We process your data to engage, communicate, or establishing business contacts with you (including through our CRM) based on the following legal grounds:

Your consent, according to Art. 6(1)(a) of the GDPR, which you provided to the provider upon registering for the respective social media platform, provided that it pertains to your platform user data (name, employer, position, platform usage behavior, etc.).
To fulfill a contract or carry out pre-contractual measures following Art. 6(1)(b) of the GDPR, if we already have a business relationship with you or if we are conducting pre-contractual measures based on your request through the platform (e. g., further contact or communication).
to protect our legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO; our legitimate interest is the appropriate approach, communication or initiation of business contacts with you for the establishment, implementation, maintenance or termination of a business relationship with you.

Applications

When you apply to us, we collect the information you provide, including your name, address, date of birth, telephone numbers, nationality, email address, image data (passport photo), educational and professional qualifications, assessments and employment references, reliability information, and health data (if relevant, such as in the case of severe disability).

The purposes of processing are the initiation and decision-making regarding establishing an employment relationship. The legal bases for processing are primarily Art. 6(1)(b), Art. 88(1) of the GDPR, as well as Art. 9(2)(b) of the GDPR (for special categories of data). If we are to use or disclose your data for other purposes (such as inclusion in an applicant pool or sharing with partner companies), we will only do this based on your explicit consent (Art. 6(1)(a) of the GDPR).

Recipients of application data are generally only individuals within the corporate group involved in the decision-making process. Transfer to a third country does not take place. After an unsuccessful application, data will be deleted after three months if no consent for further storage is provided.

Currency and changes to this privacy policy

This privacy policy is currently valid and is dated April 2024, but is subject to constant further development. The current privacy policy can be accessed at any time on our website.